Subject: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

Hello Debian Users!

Maybe I am doing something silly, but I am confused, so please educate
me if I am seeing/doing this wrong.

When trying to disable automatic binding of a (wrongly) advertised ipv6
IP I got stuck and only got it to work with the bottom two lines below
in my /etc/sysctl.d/am-no-ipv6.conf:

root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf
net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0
root@reinder:~#

This is, to me, unexpected, even unwanted behavior?
I would expect disabling default and all to work and prevent ipv6
routing and perhaps need of firewalling?!

What I also tried before and still have access but does not prevent an
ipv6 from binding:

root@reinder:~# tail -7 /etc/dhcpcd.conf
## only ipv4
ipv4only
ipv6ra_noautoconf
nodhcp6
noipv6
noipv6rs
noipv4ll
root@reinder:~#

root@reinder:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet dhcp
iface ens18 inet6 static
autoconf 0
accept_ra 0

# The secondary network interface
allow-hotplug ens19
iface ens19 inet dhcp
iface ens19 inet6 static
autoconf 0
accept_ra 0
root@reinder:~#

Kind regards,

Reinder

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

Hi,

On Sat, Jan 10, 2026 at 05:02:59PM +0100, Reinder wrote:

got stuck and only got it to work with the bottom two lines below in my /etc/sysctl.d/am-no-ipv6.conf:

root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0
root@reinder:~#

This is, to me, unexpected, even unwanted behavior?
I would expect disabling default and all to work and prevent ipv6 routing
and perhaps need of firewalling?!

I think there is a race condition where some/all interfaces are created
before the sysctls are applied, and the "default" and "all" settings
only apply for interfaces created after they are set. ANyway, I've also
always had to set the same thing on the specific interface's sysctl when
I wanted to do this.

root@reinder:~# tail -7 /etc/dhcpcd.conf
## only ipv4
ipv4only
ipv6ra_noautoconf
nodhcp6
noipv6
noipv6rs
noipv4ll
root@reinder:~#

root@reinder:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet dhcp
iface ens18 inet6 static
autoconf 0
accept_ra 0

# The secondary network interface
allow-hotplug ens19
iface ens19 inet dhcp
iface ens19 inet6 static
autoconf 0
accept_ra 0

I haven't tried to adjust IPv6 settings with DHCP but I do seem to
recall there is a known bug with DHCP configuring IPv6 things even when
it is only invoked for IPv4 purposes, as you have here.

Thanks,
Andy

--
https://bitfolk.com/ -- No-nonsense VPS hosting

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 10.01.2026 17:40 Uhr Reinder wrote:

When trying to disable automatic binding of a (wrongly) advertised
ipv6 IP I got stuck and only got it to work with the bottom two lines
below in my /etc/sysctl.d/am-no-ipv6.conf:

The right way is to fix that issue instead of changing every device.

root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0
root@reinder:~#

This is, to me, unexpected, even unwanted behavior?
I would expect disabling default and all to work and prevent ipv6
routing and perhaps need of firewalling?!

The first question is the current state, so check if your values are
applied with sysctl -a.
Routing is handled different, the settings you mentioned disable the
SLAAC address generation and the insertion of the routes (default and
for each advertised prefix) from the RA. It doesn't disable IPv6
routing at all and it is entirely unrelated about firewalling.

You should definitely fix the real problems instead of tinkering around
here.

What I also tried before and still have access but does not prevent
an ipv6 from binding:

There are other ways of IPv6 addressing, like link-local.

root@reinder:~# tail -7 /etc/dhcpcd.conf
## only ipv4
ipv4only
ipv6ra_noautoconf
nodhcp6
noipv6
noipv6rs
noipv4ll
root@reinder:~#

Do you really use dhcpcd or do you use the NetworkManager?

--
kind regards
Marco

Send spam to 1768063201muell@stinkedores.dorfdsl.de

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On Sat, Jan 10, 2026 at 11:30?AM Reinder <reinder@reinder.nl> wrote
:

Hello Debian Users!

Maybe I am doing something silly, but I am confused, so please educate
me if I am seeing/doing this wrong.

When trying to disable automatic binding of a (wrongly) advertised ipv6
IP I got stuck and only got it to work with the bottom two lines below
in my /etc/sysctl.d/am-no-ipv6.conf:

root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0
root@reinder:~#

This is, to me, unexpected, even unwanted behavior?
I would expect disabling default and all to work and prevent ipv6
routing and perhaps need of firewalling?!

Is the package linux-sysctl-defaults installed? See <https://www.debian.org/releases/trixie/release-notes/issues.html#etc-sysct l-conf-is-no-longer-honored>.

Also, which version of Debian?

What I also tried before and still have access but does not prevent an
ipv6 from binding:

root@reinder:~# tail -7 /etc/dhcpcd.conf
## only ipv4
ipv4only
ipv6ra_noautoconf
nodhcp6
noipv6
noipv6rs
noipv4ll
root@reinder:~#

root@reinder:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet dhcp
iface ens18 inet6 static
autoconf 0
accept_ra 0

# The secondary network interface
allow-hotplug ens19
iface ens19 inet dhcp
iface ens19 inet6 static
autoconf 0
accept_ra 0
root@reinder:~#

Jeff

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

Values are applied, see below. I obviously did more to get to the bottom
of this. But just can't figure it out.

# Not working:
root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf
net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
#net.ipv6.conf.ens18.accept_ra=0
#net.ipv6.conf.ens19.accept_ra=0
root@reinder:~# ip a s dev ens18|grep kernel_ra|sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#'
inet6 xx:xx:xx:xx:xx:7b8:627:2:be24:11ff:febe:1b7/64 scope global
dynamic mngtmpaddr proto kernel_ra
root@reinder:~#

# Working:
root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf
net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0
root@reinder:~# ip a s dev ens18|grep kernel_ra|sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#'
root@reinder:~#

Also not working if I force it on the kernel cmdline, so not a race as
Andy suggested I think?!
Something must be ignoring the default/all setting or forcing it back
on.
This is latest Debian Trixie btw.

root@reinder:~# ip a s dev ens18|grep kernel_ra|sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#'
inet6 xx:xx:xx:xx:xx:7b8:627:2:be24:11ff:febe:1b7/64 scope global
dynamic mngtmpaddr proto kernel_ra
root@reinder:~# grep accept_ra /proc/cmdline BOOT_IMAGE=/boot/vmlinuz-6.12.57+deb13-amd64 root=UUID=0f24c174-2023-4844-9f8c-0b9f55d5881c ro net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 quiet root@reinder:~# sysctl -a |grep net.ipv6.conf.*accept_ra net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.all.accept_ra_defrtr = 1
net.ipv6.conf.all.accept_ra_from_local = 0 net.ipv6.conf.all.accept_ra_min_hop_limit = 1 net.ipv6.conf.all.accept_ra_min_lft = 0
net.ipv6.conf.all.accept_ra_mtu = 1
net.ipv6.conf.all.accept_ra_pinfo = 1 net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.all.accept_ra_rt_info_min_plen = 0 net.ipv6.conf.all.accept_ra_rtr_pref = 1
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.default.accept_ra_defrtr = 1 net.ipv6.conf.default.accept_ra_from_local = 0 net.ipv6.conf.default.accept_ra_min_hop_limit = 1 net.ipv6.conf.default.accept_ra_min_lft = 0
net.ipv6.conf.default.accept_ra_mtu = 1
net.ipv6.conf.default.accept_ra_pinfo = 1 net.ipv6.conf.default.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.default.accept_ra_rt_info_min_plen = 0 net.ipv6.conf.default.accept_ra_rtr_pref = 1
net.ipv6.conf.ens18.accept_ra = 1
net.ipv6.conf.ens18.accept_ra_defrtr = 1 net.ipv6.conf.ens18.accept_ra_from_local = 0 net.ipv6.conf.ens18.accept_ra_min_hop_limit = 1 net.ipv6.conf.ens18.accept_ra_min_lft = 0
net.ipv6.conf.ens18.accept_ra_mtu = 1
net.ipv6.conf.ens18.accept_ra_pinfo = 1 net.ipv6.conf.ens18.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.ens18.accept_ra_rt_info_min_plen = 0 net.ipv6.conf.ens18.accept_ra_rtr_pref = 1
net.ipv6.conf.ens19.accept_ra = 1
net.ipv6.conf.ens19.accept_ra_defrtr = 1 net.ipv6.conf.ens19.accept_ra_from_local = 0 net.ipv6.conf.ens19.accept_ra_min_hop_limit = 1 net.ipv6.conf.ens19.accept_ra_min_lft = 0
net.ipv6.conf.ens19.accept_ra_mtu = 1
net.ipv6.conf.ens19.accept_ra_pinfo = 1 net.ipv6.conf.ens19.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.ens19.accept_ra_rt_info_min_plen = 0 net.ipv6.conf.ens19.accept_ra_rtr_pref = 1
net.ipv6.conf.lo.accept_ra = 1
net.ipv6.conf.lo.accept_ra_defrtr = 1
net.ipv6.conf.lo.accept_ra_from_local = 0 net.ipv6.conf.lo.accept_ra_min_hop_limit = 1
net.ipv6.conf.lo.accept_ra_min_lft = 0
net.ipv6.conf.lo.accept_ra_mtu = 1
net.ipv6.conf.lo.accept_ra_pinfo = 1 net.ipv6.conf.lo.accept_ra_rt_info_max_plen = 0 net.ipv6.conf.lo.accept_ra_rt_info_min_plen = 0 net.ipv6.conf.lo.accept_ra_rtr_pref = 1
root@reinder:~#




On 2026-01-11 07:22, Marco Moock wrote:

On 10.01.2026 17:40 Uhr Reinder wrote:

When trying to disable automatic binding of a (wrongly) advertised
ipv6 IP I got stuck and only got it to work with the bottom two lines
below in my /etc/sysctl.d/am-no-ipv6.conf:

The right way is to fix that issue instead of changing every device.

root@reinder:~# cat /etc/sysctl.d/am-no-ipv6.conf
net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0
root@reinder:~#

This is, to me, unexpected, even unwanted behavior?
I would expect disabling default and all to work and prevent ipv6
routing and perhaps need of firewalling?!

The first question is the current state, so check if your values are
applied with sysctl -a.
Routing is handled different, the settings you mentioned disable the
SLAAC address generation and the insertion of the routes (default and
for each advertised prefix) from the RA. It doesn't disable IPv6
routing at all and it is entirely unrelated about firewalling.

You should definitely fix the real problems instead of tinkering around
here.

What I also tried before and still have access but does not prevent
an ipv6 from binding:

There are other ways of IPv6 addressing, like link-local.

root@reinder:~# tail -7 /etc/dhcpcd.conf
## only ipv4
ipv4only
ipv6ra_noautoconf
nodhcp6
noipv6
noipv6rs
noipv4ll
root@reinder:~#

Do you really use dhcpcd or do you use the NetworkManager?

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 2026-01-11 09:17, Jeffrey Walton wrote:

root@reinder:~#

This is, to me, unexpected, even unwanted behavior?
I would expect disabling default and all to work and prevent ipv6
routing and perhaps need of firewalling?!

Is the package linux-sysctl-defaults installed? See <https://www.debian.org/releases/trixie/release-notes/issues.html#etc-sysctl-conf-is-no-longer-honored>.

Yes linux-sysctl-defaults is installed, but i'm using the new
/etc/sysctl.d/ scheme. Also tried forcing default/all on the cmdline at
boot.
No networkmanager, surely dhcpcd (but it doesnt seem to be a dhcpcd
issue to me), something else is switching the accept_ra on during boot
perhaps (see previous mail with sysctl output), or the kernel is doing something silly? Or obviously I am....

root@reinder:~# dpkg-query -l|grep linux-sysctl-defaults
ii linux-sysctl-defaults 4.12
all default sysctl configuration for Linux
root@reinder:~# dpkg-query -l|grep -i dhcp
ii dhcpcd-base 1:10.1.0-11+deb13u1
amd64 DHCPv4 and DHCPv6 dual-stack client (binaries and exit
hooks)
root@reinder:~# dpkg-query -l|grep -i networkmanager
root@reinder:~#

Also, which version of Debian?

root@reinder:~# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 13 (trixie)"
NAME="Debian GNU/Linux"
VERSION_ID="13"
VERSION="13 (trixie)"
VERSION_CODENAME=trixie
DEBIAN_VERSION_FULL=13.2
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/"
root@reinder:~#

Jeff

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 11.01.2026 09:30 Uhr Reinder wrote:

Something must be ignoring the default/all setting or forcing it back
on.

Are the NetworkManager or systemd-networkd active?

root@reinder:~# sysctl -a |grep net.ipv6.conf.*accept_ra
[...]
net.ipv6.conf.ens18.accept_ra = 1
[...]
net.ipv6.conf.ens19.accept_ra = 1

And that means the RA will be accepted and the route installed.

Did you already check why the wrong RA exists?

If not, this is the first task.

--
kind regards
Marco

Send spam to 1768120201muell@stinkedores.dorfdsl.de

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 2026-01-11 09:55, Marco Moock wrote:

On 11.01.2026 09:30 Uhr Reinder wrote:

Something must be ignoring the default/all setting or forcing it back
on.

Are the NetworkManager or systemd-networkd active?

No they are disabled, see below.

root@reinder:~# sysctl -a |grep net.ipv6.conf.*accept_ra
[...]
net.ipv6.conf.ens18.accept_ra = 1
[...]
net.ipv6.conf.ens19.accept_ra = 1

And that means the RA will be accepted and the route installed.

Yes but what can be enabling those when I force all and default off by
kernel command line and sysctl configuration?!

Did you already check why the wrong RA exists?

If not, this is the first task.

I agree this could fix my wrong RA problem, but since I am in an
environment where getting someone else to stop this announcement is a
*pain* I want to just ignore it.
And all obvious ways (to me) to not accept these RA's seem to fail. What happens if an unknown entity plugs in my network and sends RA's?!

More information:

root@reinder:~# systemctl status systemd-networkd
? systemd-networkd.service - Network Configuration
Loaded: loaded (/usr/lib/systemd/system/systemd-networkd.service; disabled; preset: enabled)
Active: inactive (dead)
TriggeredBy: ? systemd-networkd.socket
Docs: man:systemd-networkd.service(8)
man:org.freedesktop.network1(5)
FD Store: 0 (limit: 512)
root@reinder:~# sysctl -a |grep accept_ra\
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.ens18.accept_ra = 1
net.ipv6.conf.ens19.accept_ra = 1
net.ipv6.conf.lo.accept_ra = 1
root@reinder:~# grep -i accept /etc/systemd/networkd.conf
IPv6AcceptRA=no
[IPv6AcceptRA]
IPv6AcceptRA=no
root@reinder:~# grep accept_ra /proc/cmdline BOOT_IMAGE=/boot/vmlinuz-6.12.57+deb13-amd64 root=UUID=0f24c174-2023-4844-9f8c-0b9f55d5881c ro net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 quiet root@reinder:~# ip a s dev ens18|grep kernel_ra|sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#'
inet6 xx:xx:xx:xx:xx:7b8:627:2:be24:11ff:febe:1b7/64 scope global
dynamic mngtmpaddr proto kernel_ra
root@reinder:~# dpkg-query -l|grep -i network
ii ifupdown 0.8.44
amd64 high level tools to configure network interfaces
ii iproute2 6.15.0-1
amd64 networking and traffic control tools
ii iputils-ping 3:20240905-3
amd64 Tools to test the reachability of network hosts
ii net-tools 2.10-1.3
amd64 NET-3 networking toolkit
ii netbase 6.5
all Basic TCP/IP networking system
ii traceroute 1:2.1.6-1
amd64 Traces the route taken by packets over an IPv4/IPv6 network root@reinder:~# grep -r accept_ra /usr/
grep: /usr/lib/systemd/systemd-networkd: binary file matches
grep: /usr/lib/x86_64-linux-gnu/libcrypto.so.3: binary file matches
grep: /usr/bin/openssl: binary file matches
grep: /usr/sbin/dhcpcd: binary file matches
grep: /usr/sbin/ifup: binary file matches
root@reinder:~#

At the moment I am thinking maybe ifup is still doing something? Though
there is no inet6 configuration in /etc/network/interfaces:

root@reinder:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet dhcp

# The secondary network interface
allow-hotplug ens19
iface ens19 inet dhcp
root@reinder:~# ls -als /etc/network/interfaces.d/*
ls: cannot access '/etc/network/interfaces.d/*': No such file or
directory
root@reinder:~#

Something still must be enabling accept_ra on my ens18 and ens19 unless
it is a kernel issue where default/all doesn't work?
Or am I missing something else?!

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

At the moment I am thinking maybe ifup is still doing something? Though there is no inet6 configuration in /etc/network/interfaces:

It seems to be indeed an ifupdown issue, forcing a static ipv6 in /etc/network/interfaces works, see below.
Problem is I did not want to do this. Will debug some more.

root@reinder:~# sysctl -a | grep accept_ra\
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.ens18.accept_ra = 0
net.ipv6.conf.ens19.accept_ra = 1
net.ipv6.conf.lo.accept_ra = 1
root@reinder:~# sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#' /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet dhcp
iface ens18 inet6 static
address xx:xx:xx:xx:xx:7b8:627:2::d59a:fd8c/64
autoconf 0
accept_ra 0

# The secondary network interface
allow-hotplug ens19
iface ens19 inet dhcp
root@reinder:~# ip a s dev ens18|grep kernel_ra|sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#'
root@reinder:~#

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 2026-01-11 10:57, Reinder wrote:

At the moment I am thinking maybe ifup is still doing something?
Though there is no inet6 configuration in /etc/network/interfaces:

It seems to be indeed an ifupdown issue, forcing a static ipv6 in /etc/network/interfaces works, see below.
Problem is I did not want to do this. Will debug some more.

Setting the below in my /etc/network/interfaces

iface ens18 inet6 dhcp
autoconf 0
accept_ra 0

and then disabling ipv6 in /etc/dhcpcd.conf
## only ipv4
ipv4only
ipv6ra_noautoconf
nodhcp6
noipv6
noipv6rs
noipv4ll

Gets me where I want to be. Still unnecessary/unwanted steps in my
opinion but workable for me.

Thanks for thinking with me on this.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On Sun, Jan 11, 2026 at 4:58?AM Reinder <reinder@reinder.nl> wrote:

At the moment I am thinking maybe ifup is still doing something? Though there is no inet6 configuration in /etc/network/interfaces:

It seems to be indeed an ifupdown issue, forcing a static ipv6 in /etc/network/interfaces works, see below.
Problem is I did not want to do this. Will debug some more.

If I am not mistaken... If you are not using NetworkManager, and you
are not using Systemd, and you are not using Kea, then you are
probably using dhcpcd-base+ifupdown.

Maybe there's something in dhcpcd-base that will provide the next path
to go down.

root@reinder:~# sysctl -a | grep accept_ra\
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.ens18.accept_ra = 0
net.ipv6.conf.ens19.accept_ra = 1
net.ipv6.conf.lo.accept_ra = 1
root@reinder:~# sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#' /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens18
iface ens18 inet dhcp
iface ens18 inet6 static
address xx:xx:xx:xx:xx:7b8:627:2::d59a:fd8c/64
autoconf 0
accept_ra 0

# The secondary network interface
allow-hotplug ens19
iface ens19 inet dhcp
root@reinder:~# ip a s dev ens18|grep kernel_ra|sed 's#[0-9]*:*:*:*:*:#xx:xx:xx:xx:xx:#'
root@reinder:~#

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On Mon, Jan 12, 2026 at 11:44:37 -0500, Jeffrey Walton wrote:

On Sun, Jan 11, 2026 at 4:58?AM Reinder <reinder@reinder.nl> wrote:

At the moment I am thinking maybe ifup is still doing something? Though there is no inet6 configuration in /etc/network/interfaces:

It seems to be indeed an ifupdown issue, forcing a static ipv6 in /etc/network/interfaces works, see below.
Problem is I did not want to do this. Will debug some more.

If I am not mistaken... If you are not using NetworkManager, and you
are not using Systemd, and you are not using Kea, then you are
probably using dhcpcd-base+ifupdown.

Maybe there's something in dhcpcd-base that will provide the next path
to go down.

They might be using isc-dhcp-client instead. My trixie system is using
that, but it was installed on an older release and upgraded. I don't
know what a new trixie installation uses for its DHCP client.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 2026-01-12 20:04, Greg Wooledge wrote:

On Mon, Jan 12, 2026 at 11:44:37 -0500, Jeffrey Walton wrote:

On Sun, Jan 11, 2026 at 4:58?AM Reinder <reinder@reinder.nl> wrote:

They might be using isc-dhcp-client instead. My trixie system is using
that, but it was installed on an older release and upgraded. I don't
know what a new trixie installation uses for its DHCP client.

No it is indeed a fresh trixie with dhcpcd+ifupdown.

The issue is "resolved" and I'm sure it is in ifupdown.

There seem to be three ways to work around it, one is to include addr_gen_mode=1 in sysctl settings for all/default. net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.all.autoconf=0
net.ipv6.conf.all.addr_gen_mode=1
net.ipv6.conf.default.accept_ra=0
net.ipv6.conf.default.autoconf=0
net.ipv6.conf.default.addr_gen_mode=1

The other one was to set accept_ra = 0 / autoconf = 0 on a dev device
inet6 manual/static in /etc/network/interfaces.

The third is to force the specific interfaces in sysctl/kernel cmdline: net.ipv6.conf.ens18.accept_ra=0
net.ipv6.conf.ens19.accept_ra=0

I am quite sure it is ifupdown always setting accept_ra=1 on a device
that has no inet6 configured in /etc/network/interfaces and ignoring the kernel settings all/default to 0 for accept_ra/autoconf.
But I haven't checked the code. If you guys think it's worth the time
and is something that should be patched I can maybe find some time later
for this.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 2026-01-12, Greg Wooledge wrote:

They might be using isc-dhcp-client instead. My trixie system is using
that, but it was installed on an older release and upgraded. I don't
know what a new trixie installation uses for its DHCP client.

isc-dhcp-client is deprecated. trixie defaults to dhcpd

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Tue, Jan 13, 2026 at 00:02:17 +0100, Michel Verdier wrote:

On 2026-01-12, Greg Wooledge wrote:

They might be using isc-dhcp-client instead. My trixie system is using that, but it was installed on an older release and upgraded. I don't
know what a new trixie installation uses for its DHCP client.

isc-dhcp-client is deprecated. trixie defaults to dhcpd

Hmm, so it is. <https://www.debian.org/releases/trixie/release-notes/issues.en.html#deprecated-components-for-releasename>
mentions it briefly; I'm sure I read that at some point, but I didn't
really pay close attention to it. It mentions dhcpcd-base as a
potential replacement, but doesn't advise how to actually *migrate*
to that.

<https://wiki.debian.org/DHCP_Client> is pretty bare as well.

So, I tried it the hard way. I installed dhcpcd-base, and it did *not*
remove the isc-dhcp-client package. Apparently they can coexist. I
suspect that's a very perilous situation, so the next thing I did was
remove (not purge) the isc-dhcp-client and isc-dhcp-base packages.

This left me with the dhcpcd-base package installed, isc-dhcp-client
in the "rc" state, and a dhclient process still running(!). I didn't
even think that was possible on Linux -- for a process to continue
running after its program file on disk has been unlinked.

So, the next thing I did was kill that process. Then, finally, I brought
my network interface down and up (ifdown, ifup).

It seems to be working, though it's interesting that there are now 8
separate dhcpcd processes running. I guess that's normal.

Another thing I checked is my /etc/resolv.conf file, which is generated
by resolvconf, which is actually from the openresolv package, not the resolvconf package. (Both exist, so I'm clarifying.) This seems to
be working as expected also. The file was timestamped at the time I
made the switch, but it has the same size and content as before. That's
good.

dhcpcd(8) says that it writes DNS information to resolvconf(8) if it's available, so it seems this is all by design, and works differently
than isc-dhcp-client but with the same end result. (I wasted some time
looking for hooks/hacks that don't need to exist.)

Maybe this message will help someone else in a similar situation. I'm
not sure what would have happened if I had left both DHCP client
packages installed simultaneously, or if I hadn't killed the dhclient
process after removing its package, and I really don't want to test it.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0 not working?!

On 13/01/2026 2:20 am, Reinder wrote:

But I haven't checked the code. If you guys think it's worth the time
and is something that should be patched I can maybe find some time later
for this.

<https://codesearch.debian.net/> query "accept_ra package:ifupdown"
suggests several places where accept_ra may be set and

* Default to accept_ra=2 for inet6/auto (Closes: #739993, LP: #1260241)

from changelog. If you believe that "default.accept_ra" setting should
be respected then you may discuss it with developers. I am less sure concerning "all" if it has effect at the moment when when the parameter
is set. I can not say that I am closely familiar with <https://docs.kernel.org/networking/ip-sysctl.html#proc-sys-net-ipv6-variables>

It seems dhscpcd can only disable accept_ra.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On Mon, Jan 12, 2026 at 08:03:39PM -0500, Greg Wooledge wrote:
[...]

This left me with the dhcpcd-base package installed, isc-dhcp-client
in the "rc" state, and a dhclient process still running(!). I didn't
even think that was possible on Linux -- for a process to continue
running after its program file on disk has been unlinked.

I remember it always was "normal" on Unices (I even remember poking
fun at the poor Windows sods who couldn't pull off that trick). The
background is that you just remove the directory entry (the file
still exists as long as it is referenced, i.e. at least while the
process runs; actually, on Linux, with its proc file system you even
might revive it by looking through /proc/<PID>, I think).
So I made an experiment. This is /tmp/foo.c
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[])
{
int i = 0;
while(1) {
printf("Hello %d\n", i++);
sleep(2);
}
}
"Make foo" generates an executable /tmp/foo. Invoking it goes
counting. Now, from another xterm, do "rm /tmp/foo". The counting
continues happily. I didn't try the revive trick, but I'm convinced
it might work.
So we still get to poke fun at the poor windows sods ;-D
Now trying to *edit the executable file in place* might get you
a -ETXTBSY (Text file busy). Another kettle of fish.
Cheers
--
tom s


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On 2026-01-13 at 02:57, tomas@tuxteam.de wrote:

On Mon, Jan 12, 2026 at 08:03:39PM -0500, Greg Wooledge wrote:

[...]

This left me with the dhcpcd-base package installed,
isc-dhcp-client in the "rc" state, and a dhclient process still
running(!). I didn't even think that was possible on Linux -- for
a process to continue running after its program file on disk has
been unlinked.

I remember it always was "normal" on Unices (I even remember poking
fun at the poor Windows sods who couldn't pull off that trick). The background is that you just remove the directory entry (the file
still exists as long as it is referenced, i.e. at least while the
process runs; actually, on Linux, with its proc file system you even
might revive it by looking through /proc/<PID>, I think).

Yep - this has been part of my understanding of the key differences
between *nix and Windows/etc. filesystem semantics. In particular, this
is what makes it possible for files (including important system files,
et cetera) to be modified or deleted while they are still in use - and, thereby, the reason for the fact that on *nix systems, software
(including the OS) can be upgraded without requiring a reboot, and
Windows systems it very often cannot.
My understanding is that the file is not gone (released by the
filesystem, its resource consumption freed for use by other things) as
long as there is still one reference to it, and *references by open file descriptors count*.
If that understanding is correct, then in theory, you could have a
program which opens a file, waits indefinitely to see if it gets
deleted, and if it ever does, creates it again (whether under the same name/path or under another) - thereby ensuring that as long as that
program stays running, the file sticks around in some respect, including
that the resources are not freed up.
I'm not sure there'd be much use for such a setup other than by malware,
but I'm reasonably confident that it would in fact be possible. (I have additional thoughts about edge cases of that odd edge case, some of
which might mitigate the potential malware side of that and some of
which might exacerbate it, but they are not coming readily into
express-able words.)

Now trying to *edit the executable file in place* might get you a
-ETXTBSY (Text file busy). Another kettle of fish.

I don't think I've actually seen a reference to this (signal?) code before.
--
The Wanderer
The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On Tue, Jan 13, 2026 at 07:43:08AM -0500, The Wanderer wrote:

On 2026-01-13 at 02:57, tomas@tuxteam.de wrote:

[...]

Now trying to *edit the executable file in place* might get you a
-ETXTBSY (Text file busy). Another kettle of fish.

I don't think I've actually seen a reference to this (signal?) code before.

It is an errno. And it happens whenever the file is mmaped and serves
as backing store for the RAM (typically read-only). The system is lazy
(good for you!) and doesn't allocate anything else to back that RAM,
and it knows it can throw it out when under pressure, since it is
there to be paged in as needed. Happens with program text (and with
shared libs, which is basically the same).
Let's try...
as above: compile, start, then from another xterm:
tomas@caliban:/tmp$ ls -al foo
-rwxr-xr-x 1 tomas tomas 16008 Jan 13 14:18 foo
Aha. It's 16k. Let's overwrite its fifth 256B block:
echo "catbert was here" | dd of=foo bs=256 seek=5
dd: failed to open 'foo': Text file busy
...as I predicted (oof, sometimes it works out ;-)
To complete things:
tomas@caliban:/tmp$ ps wwaux | grep foo
tomas 30319 0.0 0.0 2468 868 pts/8 S+ 14:18 0:00 ./foo
tomas 30673 0.0 0.0 6864 2012 pts/3 S+ 14:22 0:00 grep foo Away with it:
tomas@caliban:/tmp$ rm foo
tomas@caliban:/tmp$ ls -alh /proc/30319/exe
lrwxrwxrwx 1 tomas tomas 0 Jan 13 14:24 /proc/30319/exe -> '/tmp/foo (deleted)'
Aha. Can we resucitate it?
cp /proc/30319/exe ./foo1
(I chose another name just for kicks).
(Note that I have to cp, since across filesystems). Now:
tomas@caliban:/tmp$ ls -l foo1
-rwxr-xr-x 1 tomas tomas 16008 Jan 13 14:26 foo1
tomas@caliban:/tmp$ file foo1
foo1: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked,
interpreter /lib64/ld-linux-x86-64.so.2,
BuildID[sha1]=33e0c4219a6ae687645c3f648ac478ca9b269f25,
for GNU/Linux 3.2.0, not stripped
This looks good. Now CTRL-C the proogram, and...
tomas@caliban:/tmp$ ./foo1
Hello 0
Hello 1
...
Resucitation successful.
I once heard that story of someone rm -rf-ing /, then stopping in panic, but /bin/sh
was gone, then rescueing it this way. Or was it /lib/libc-whatever?
Now I tried it myself :)
Enjoy
--
tom s


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Mon, 2026-01-12 at 20:03 -0500, Greg Wooledge wrote:

I didn't
even think that was possible on Linux -- for a process to continue
running after its program file on disk has been unlinked.

That literally happens every time you upgrade a running program?


--
Jan Claeys

(please don't CC me when replying to the list)

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On Tue, Jan 13, 2026 at 07:43:08 -0500, The Wanderer wrote:

Now trying to *edit the executable file in place* might get you a
-ETXTBSY (Text file busy). Another kettle of fish.

I don't think I've actually seen a reference to this (signal?) code before.

open(2)

ETXTBSY
pathname refers to an executable image which is currently being
executed and write access was requested.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Tue, Jan 13, 2026 at 8:38?AM Jan Claeys <lists@janc.be> wrote:

On Mon, 2026-01-12 at 20:03 -0500, Greg Wooledge wrote:

I didn't
even think that was possible on Linux -- for a process to continue
running after its program file on disk has been unlinked.

That literally happens every time you upgrade a running program?

To add to Jan's reply, it can happen with shared objects and data files, to
o.

I once deleted a SQLite database that was actually being used.
Luckily (for me), the program had the database open, and I was able to
restore the database by using the open file descriptor held by the
program.

The answer was something like <https://superuser.com/questions/283102/how-to-recover-deleted-file-if-it-i s-still-opened-by-some-process>,
but I don't recall the exact details. It was too long ago.

The takeaway is, the file is not actually deleted until the final
unlink and the inodes are freed.

Jeff

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Tue, Jan 13, 2026 at 02:38:17PM +0100, Jan Claeys wrote:

On Mon, 2026-01-12 at 20:03 -0500, Greg Wooledge wrote:

I didn't
even think that was possible on Linux -- for a process to continue
running after its program file on disk has been unlinked.

That literally happens every time you upgrade a running program?

Depends on what you mean by "upgrade a running program".
Cheers
--
tom s


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Tue, Jan 13, 2026 at 09:15:35AM -0500, Jeffrey Walton wrote:

On Tue, Jan 13, 2026 at 8:38?AM Jan Claeys <lists@janc.be> wrote:

On Mon, 2026-01-12 at 20:03 -0500, Greg Wooledge wrote:

I didn't
even think that was possible on Linux -- for a process to continue running after its program file on disk has been unlinked.

That literally happens every time you upgrade a running program?

To add to Jan's reply, it can happen with shared objects and data files, too.

[...]

The takeaway is, the file is not actually deleted until the final
unlink and the inodes are freed.

You just remove the directory entry, which points to the file inode.
The latter keeps a ref count and is freed once that reaches 0.
(Basically what you said, I just allowed myself to sharpen it a bit).
Cheers
--
t


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On 2026-01-13, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:

That literally happens every time you upgrade a running program?

Depends on what you mean by "upgrade a running program".

I always wondered about that. Say you're running chromium while the
package is upgraded. Of course, I long realized that nothing untoward occurs, but kind of thought: my running instance will "perdure" until it's
closed, but then that would mean people who never reboot and leave
their browser eternally open would eventually have critical faults in
their navigation software, so that can't be right.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Tue, Jan 13, 2026 at 9:58?AM Bigsy Bohr <curtyshoo@gmail.com> wr
ote:

On 2026-01-13, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:

That literally happens every time you upgrade a running program?

Depends on what you mean by "upgrade a running program".

I always wondered about that. Say you're running chromium while the
package is upgraded. Of course, I long realized that nothing untoward occ

urs,

but kind of thought: my running instance will "perdure" until it's
closed, but then that would mean people who never reboot and leave
their browser eternally open would eventually have critical faults in
their navigation software, so that can't be right.

Not necessarily. A reboot can be avoided if a binary is hot patched.
But it takes a little magic to make it happen. Namely, there has to
be some nop's at each procedure's entry point after epilogue. There
also has to be instrumentation to say which procedures have special
entry points. Once patched the nop's are converted to a jump into the
new binary.

Microsoft used to do it through a library called Detours, <https://www.microsoft.com/en-us/research/project/detours/>.
Companies like Canonical provide the service, too. Canonical calls it Livepatch, <https://ubuntu.com/security/livepatch>.

Personally, I just reboot. I don't care about uptime.

Jeff

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On 13/01/2026 8:31 pm, tomas@tuxteam.de wrote:

cp /proc/30319/exe ./foo1

[...]

I once heard that story of someone rm -rf-ing /, then stopping in panic, but /bin/sh
was gone, then rescueing it this way. Or was it /lib/libc-whatever?

A similar workaround is recommended even in release notes:

<https://www.debian.org/releases/trixie/release-notes/upgrading.en.html>
4. Upgrades from Debian 12 (bookworm):

In case tmux was upgraded to a new major version you may get an error on attach: ?open terminal failed: not a terminal?. You can still access the
old session with:

/proc/$(pgrep "tmux: server")/exe attach

As to ETXTBSY, I am less sure concerning .so plugins loaded using
dlopen. At least I saw crashes when cp(1) was used instead of install(1)
to replace old libraries during installing another version.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Tue, Jan 13, 2026 at 02:58:04PM -0000, Bigsy Bohr wrote:

On 2026-01-13, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:

That literally happens every time you upgrade a running program?

Depends on what you mean by "upgrade a running program".

I always wondered about that. Say you're running chromium while the
package is upgraded. Of course, I long realized that nothing untoward occurs, but kind of thought: my running instance will "perdure" until it's
closed, but then that would mean people who never reboot and leave
their browser eternally open would eventually have critical faults in
their navigation software, so that can't be right.

You just have to reboot the browser. That's enough trauma.
Cheers
--
t


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On Wed, Jan 14, 2026 at 09:29:47AM +0700, Max Nikulin wrote:

On 13/01/2026 8:31 pm, tomas@tuxteam.de wrote:

cp /proc/30319/exe ./foo1

[...]

I once heard that story of someone rm -rf-ing /, then stopping in panic, but /bin/sh
was gone, then rescueing it this way. Or was it /lib/libc-whatever?

A similar workaround is recommended even in release notes:

<https://www.debian.org/releases/trixie/release-notes/upgrading.en.html>
4. Upgrades from Debian 12 (bookworm):

In case tmux was upgraded to a new major version you may get an error on attach: ?open terminal failed: not a terminal?. You can still access the old session with:

/proc/$(pgrep "tmux: server")/exe attach

As to ETXTBSY, I am less sure concerning .so plugins loaded using dlopen. At least I saw crashes when cp(1) was used instead of install(1) to replace old libraries during installing another version.

I don't know what you mean by ".so plugins", but if it is good ol' shared
libs, yes, they are mmapped:
tomas@caliban:~$ lsof /lib/x86_64-linux-gnu/libc.so.6
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
x-window- 2267 tomas mem REG 254,1 1926232 1177239 /usr/lib/x86_64-linux-gnu/libc.so.6
FvwmComma 2317 tomas mem REG 254,1 1926232 1177239 /usr/lib/x86_64-linux-gnu/libc.so.6
FvwmButto 2318 tomas mem REG 254,1 1926232 1177239 /usr/lib/x86_64-linux-gnu/libc.so.6
FvwmPager 2319 tomas mem REG 254,1 1926232 1177239 /usr/lib/x86_64-linux-gnu/libc.so.6
xterm 2320 tomas mem REG 254,1 1926232 1177239 /usr/lib/x86_64-linux-gnu/libc.so.6
xload 2322 tomas mem REG 254,1 1926232 1177239 /usr/lib/x86_64-linux-gnu/libc.so.6
[...]
...so they most probably are busy (anyone knows how to find out short of trying to
write to them?), since they are being used as backing store for the map.
Cheers
--
tom s


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On 14/01/2026 2:28 pm, tomas@tuxteam.de wrote:

On Wed, Jan 14, 2026 at 09:29:47AM +0700, Max Nikulin wrote:

As to ETXTBSY, I am less sure concerning .so plugins loaded using dlopen. At >> least I saw crashes when cp(1) was used instead of install(1) to replace old >> libraries during installing another version.

I don't know what you mean by ".so plugins", but if it is good ol' shared libs, yes, they are mmapped:

I mean explicit call of dlopen(3). Consider e.g. apache modules. I
mentioned it for the case if there is some difference in loading of
linked libraries and loading optional parts later. Certainly files are mmap'ed. I have no idea if something has been changed in kernel or in
libdl during last decade, but earlier cp was able to overwrite shared
library in place causing crash on next attempt to call some function
from that library. I have not retested it now. I think, the key point is whether kernel considers specific file as being executed. Memory mapped
files may be opened in read-write mode.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Removing (the file of) a running program [was: Trixie DHCP client migration ...]

On Thu, Jan 15, 2026 at 09:58:48AM +0700, Max Nikulin wrote:

On 14/01/2026 2:28 pm, tomas@tuxteam.de wrote:

On Wed, Jan 14, 2026 at 09:29:47AM +0700, Max Nikulin wrote:

As to ETXTBSY, I am less sure concerning .so plugins loaded using dlopen. At
least I saw crashes when cp(1) was used instead of install(1) to replace old
libraries during installing another version.

I don't know what you mean by ".so plugins", but if it is good ol' shared libs, yes, they are mmapped:

I mean explicit call of dlopen(3). Consider e.g. apache modules. I mentioned it for the case if there is some difference in loading of linked libraries and loading optional parts later. Certainly files are mmap'ed. I have no
idea if something has been changed in kernel or in libdl during last decade, but earlier cp was able to overwrite shared library in place causing crash
on next attempt to call some function from that library. I have not retested it now. I think, the key point is whether kernel considers specific file as being executed. Memory mapped files may be opened in read-write mode.

Ah, OK. I tend to agree with you in that.
I haven't explicitly tried, but this is my mental model when Firefox
goes "Oh, Noes! Something went totally wrong I'm sooo sorry!" when I
do an upgrade while it is running. This one does dlopen a lot.
Cheers
--
tom s


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On 2026-01-14, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:

You just have to reboot the browser. That's enough trauma.

A kernel upgrade requires a reboot of the system, then.

How traumatic!

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Trixie DHCP client migration (was Re: net.ipv6.conf.all.accept_ra=0 net.ipv6.conf.default.accept_ra=0) not working?!

On Thu, Jan 15, 2026 at 05:19:28PM -0000, Bigsy Bohr wrote:

On 2026-01-14, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:

You just have to reboot the browser. That's enough trauma.

A kernel upgrade requires a reboot of the system, then.

How traumatic!

;-)
Cheers
--
t


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)